General

  • Target

    Notesvb.msi

  • Size

    1.5MB

  • Sample

    240125-w5175scge8

  • MD5

    42dd7ae8f7ace56e7032d891f78e3bb1

  • SHA1

    6020f70869cb043a7447aed55c898f6cd4eba5ca

  • SHA256

    a4d2138624f8eebbbd665597b1b9e7c3817c374e0e27327cf8acf1b5c57a4b10

  • SHA512

    fe799099aa596d9c710d372cfec6d17eef611801bf1135bd9f13c1311c1a8f2e6e2e426fe279d07d2747a8d941f4bde88d497de63997c5c4c71a19be4e7f65be

  • SSDEEP

    24576:lfJdydmCcUsQ0Bigw3ywNfALfT9Qw4trPoMhlBb7/nSej8AfLRBRqJPim4z5Qn4:hJdaVcUsQ0Us7LbqhlBb7/nSej8AjRBd

Score
8/10

Targets

    • Target

      Notesvb.msi

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
